<?php
require_once ('config.php');
$errmsg_arr = array ();

$errflag = false;

$con = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if (!$con)
	die('Could not connect: ' . mysql_error());

mysql_select_db(DB_DATABASE, $con);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Member</title>
<link href="loginmodule.css" rel="stylesheet" type="text/css" />
</head>
<body>

<?php
include_once ("common.php");
printHeader();
?>

<form name=form method=post action="search-feedback.php" >
<table align="right">
<tr>
    <td><input type=text name=moviefeedback size="12"><input type=submit value="search movie"></td>
</tr> 
</table>
</form>


<p>This is a password protected area only accessible to members. </p>
</body>
</html>

<?php
$sql = "INSERT INTO feedback (movieID, feedback, userrating, userID)
        VALUES ((SELECT ID FROM movielist WHERE name = '$_POST[moviename]'),
                '$_POST[feedback]', $_POST[rating], 'dz')";

if (!mysql_query($sql, $con)) {
	die('Error: ' . mysql_error());
}
echo "Thank you. You added new <a href='search-feedback.php'>feedback</a>.";

mysql_close($con);
?>
